Instantly share code, notes, and snippets.

import requests
from relengapi.lib.permissions import p
def scope_satisfied(req, scopes):
Returns true, if scopes satisfies req
return any((
s == req or (s.endswith('*') and req.startswith(s[:-1])) for s in scopes
View yubikey-setup.txt
Decent links:
* Or just google for gpg, yubikey, ssh, there is a lot of guides.
## The GPG setup
View signin-aws
# This script expects AWS credentials:
# And optionally the TOTP entry name in your yubikey
# Put these environment variables into your .bashrc.local (or .bashrc, if you
# don't sync dot-files). In your .bashrc you'll also want:
# alias signin-aws='eval `signin-aws`'
View jsone-light.js
import _ from 'lodash';
import assert from 'assert';
// Render string given context
let renderString = (value, context) => {
return value.replace(/\${([^}]+)}/g, (expr, key) => {
if (context[key] === undefined) {
throw new Error('Undefined variable referenced in: ' + expr);
if (!_.includes(['number', 'string'], typeof(context[key]))) {
View actions-utils.js
import _ from 'lodash';
import Ajv from 'ajv';
import assert from 'assert';
import taskcluster from 'taskcluster-client';
let data = {}; // TODO: Load actions.json from decision task
if (data.version > 1) {
throw Error('Unsupported version of public/actions.json');
View actions-schema.yml
title: Schema for Exposing Actions
description: |
This document specifies the schema for the `public/actions.json` used by
_decision tasks_ to expose actions that can be triggered by end-users.
For the purpose of this document the _consumer_ is the user-interface that
displays task results to the end-user and allows end-users to trigger actions
defined by `public/actions.json`. A _consumer_ might be Treeherder.
View simple-expression-language
// Save parse options as context
var context = options;
= _ e:LogicalExpression _ { return e; }
= l:ComparisonExpression _ '||' _ r:LogicalExpression { return l || r; }
View cot.json
"id": "",
"$schema": "",
"title": "Chain of Trust Artifact",
"description": "COT-artifact for verfication of tasks",
"type": "object",
"properties": {
"chainOfTrustVersion": {"enum": [1]},
"artifacts": {
"additionalProperties": {

How to use this

  1. Find a task on treeherder
  2. Use the "inspect-task" link to get to the task-inspector
  3. Use the "one-click-loaner" link to get a loaner task
  4. Click the taskId of the loaner task
  5. List artifacts
  6. Find "private/docker-worker/shell.html"
  7. Right click and copy URL (ensure that you are logged into the with an LDAP user with commit level 1)